The creation of the lucene indexes can not be triggered from Jenkins jobs or from the dataportal settings pages, since the /manage/ web services requires authentication.

The best solution to this problem is to allow the definition of global management user accounts which apply to any cdm-remote instance started by a system user.
These users credentials must therefore not be stored in the cdm databases. To store them independently from the cdm instances a configuration file located in $HOME/.cdmLibrary is the preferred storage solution.

Old issue description:

The authorization problem in the dataportal will be solved as soon as the oauth2 client capabilities are implemented into the data portal module: #6332. In case of jenkins it is not possible to provide proper cdm user credentials for each of the instances to be indexed. In this case another grand type is needed.
For this service endpoint it must me possible to authorite via the OAuth2 grant type 'client' (https://tools.ietf.org/html/rfc6749#section-4.4).

TODO:

enable grant type 'client' for /manage/

check for valid clients based on a key. The allowed keys are stored in $USER_HOME/cdm-remote-client-keys` each in a separate line. A key must conform to a md5 hash (or UUID?).

provide script for jenkins to authenticate --> subticket

implement client authentication into the dataportal. This should be doable by making use of the OAuth2 plugin available for Drupal7, see #6118 --> subticket

Related issues

Related to Edit - task #6118: evaluate spring-security-auth2 and spring-cloud-security as a framework for OAuth2

Closed

10/11/2016

Related to Edit - bug #7087: description/accumulateDistributions webservice can not be triggered

oauth2 with grant type 'client' is not really needed. It would require that the client can authenticate with username and login in order to get a token from the oauth2 token service. But ability to login alone would be sufficient to solve the initial issue of this ticket.